The process of accumulating data regarding a specific network environment, usually for the purpose of finding ways to intrude into the environment.

Locate the network range

Locating the network range is needed to know what addresses can be targeted and are available for additional scanning and analysis.

Identify active machines

The identification of active machines is accomplished by means of ping sweeps and port scans. Both aid in an analysis of understanding if the machine is actively connected to the network and reachable.

Understand how to map open ports and identify their underlying applications

Ports are tied to applications and, as such, can be registered, random, or dynamic.

Describe passive fingerprinting

Passive fingerprinting is the act of identifying systems without injecting traffic or packets into the network.